Amazon AWS

AWS Certified CloudOps Engineer – Associate

SOA-C03

The AWS Certified CloudOps Engineer – Associate (SOA-C03) exam tests your skills in operating and managing AWS environments. It is ideal for those looking to enhance their operational expertise on AWS.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 241–250 of 486

Q241

Which AWS service allows you to manage user identities and permissions?

  • A AWS IAM
  • B AWS Lambda
  • C AWS CloudTrail
  • D AWS EC2
Explanation AWS IAM manages user identities and permissions, while the other services serve different purposes.
Q242

A company needs to run a virtual server without managing the underlying hardware. Which service should they use?

  • A AWS EC2
  • B AWS Lambda
  • C AWS ECS
  • D AWS App Runner
Explanation AWS EC2 allows running virtual servers, while the other options focus on serverless or containerized architectures.
Q243

What happens when an S3 bucket policy denies public access to a specific IP address?

  • A Access is fully denied
  • B Access is allowed globally
  • C Only the specified IP is denied
  • D Public access is enabled again
Explanation The bucket policy denies access from specified sources, fully restricting access as set in the policy.
Q244

Which service provides a managed solution for container orchestration?

  • A Amazon ECS
  • B Amazon DynamoDB
  • C AWS Lambda
  • D Amazon RDS
Explanation Amazon ECS orchestrates container deployments, while the others serve different purposes.
Q245

A company needs to ensure compliance with data residency requirements for its AWS infrastructure. Which service should they prioritize?

  • A AWS Direct Connect
  • B Amazon S3
  • C AWS Organizations
  • D AWS Config
Explanation Amazon S3 offers features for regional data storage compliant with residency requirements; others do not directly address data locality.
Q246

You are configuring a VPC with a public subnet. What happens when an instance in that subnet is assigned an Elastic IP?

  • A It loses internet connectivity.
  • B It gains a static public IP.
  • C It is no longer accessible internally.
  • D It must be terminated.
Explanation An Elastic IP provides a persistent public IP; the other options would not occur with Elastic IP usage.
Q247

Which service allows you to manage SSL/TLS certificates?

  • A AWS Certificate Manager
  • B Amazon CloudFront
  • C AWS WAF
  • D Amazon Route 53
Explanation AWS Certificate Manager enables you to provision and manage SSL/TLS certificates, while the others provide related but different functions.
Q248

A company needs to automatically scale its application based on demand. Which AWS service should they use?

  • A Amazon RDS
  • B AWS Elastic Beanstalk
  • C AWS Lambda
  • D Amazon CloudFront
Explanation AWS Elastic Beanstalk provides automatic scaling options based on demand; others don’t automatically manage scaling effectively in this context.
Q249

You are configuring a VPC peering connection. What happens when the peering is established?

  • A Both VPCs share public IPs
  • B Traffic can flow between VPCs
  • C VPCs cannot share security groups
  • D Routing domains are merged
Explanation Establishing a VPC peering connection allows traffic to flow between the VPCs, while the other options are incorrect implications of VPC peering.
Q250

Which service is AWS's managed NoSQL database?

  • A DynamoDB
  • B RDS
  • C Redshift
  • D Aurora
Explanation DynamoDB is AWS's managed NoSQL database; RDS is for SQL databases, Redshift is for data warehousing, and Aurora is a MySQL/PostgreSQL-compatible RDS service.